On the Effectiveness of Hardware Trojan Horse Detection via Side-Channel Analysis

ABSTRACT Hardware Trojan Horses (HTHs) are malicious and stealthy alterations of integrated circuits, introduced during design or fabrication in order to modify a circuit’s intended behavior once it is deployed in the field. Because HTHs are stealthy and diverse (in intended alteration, implementation, and triggering conditions), detecting and/or locating them is challenging. Several HTH detection approaches have been proposed to address this problem. This paper focuses on so-called “side-channel analysis” methods, that is, methods that use power or delay measurements to detect potential HTHs. It reviews these methods and raises some considerations about the experiments made to evaluate them. Moreover, an original case study is presented in which we show that weak experiments may lead to misleading interpretations. Finally, we discuss problems inherent to actual power and delay measurements.
